July 12th, 2003, 11:12 AM
help needed in selecting firewall & a antivirus
i am the system adminstrator in college. I look after the internet lab maintainence.
all the systems are connected via broad band.
most of the systems are affected by virus.Since i can't control what others open/ execute here.
i would like to set access rights for the students. over the net.
please help me.
i would also like to set a firewall.can u guide me to a good (free)firewall.
does setting a proxy slow down net access speed.
July 12th, 2003, 11:30 AM
Have had good success with WINPROXY by Ositis. Includes Anti-Virus....and has
good rules....Black Listing.......Port blocking.....etc
Only thing it wouldn't stop was MSN Messenger. (NO one can block that damn thing !!!)
July 12th, 2003, 12:50 PM
a good firewall to stop msn would be tiny personal firewall, they used to have a free version but its not available any more, you could get the old free version off a p2p sharing system such as kazaa, its called pf2.exe about 1.35 meg i think, it has the facility to block traffic on ports as well as block connections from specific programs (such as MSN) so that way you can block MSN from using port 80 and other ports but you still get your other web traffic through, if you installed this on your server it should sort most of the things out for you.
the proxy shouldnt slow down the net speed much if at all, if you set it up with a cache of some sort you will likely get better speed because you wont need to make a connection over the net to get cached pages
a good antivirus program that should get you started is AVG anti virus, they have free versions of it as well as the usual pay version and volume licensing version etc etc...
get it here: www.grisoft.com
ive found the free one to keep me out of trouble, ha picked up any viruses ive ever got ( from my own silly mistakes usually), it can monitor email, web and EXE type files and should be enough, also has a quick system start up scan for boot type virii
hope this will help you out a bit
July 12th, 2003, 12:58 PM
No, using a proxy won't slow access down. In fact, because of caching, it might speed it up.
Your best bet is probably to block direct access completely, and use a proxy or transparent proxy, which supports content filtering.
Then you can block downloads of (for example), .exe, .zip .rar from untrusted sites, but still allow downloading non-harmful files (for example PDF)
You really want a desktop antivirus solution set up across the entire network for all workstations. This may cost a bit but it will be worth it. This will prevent any files which do get through the content scanning proxy from infecting them with viruses (for example MSWord macro viruses).
Then I suppose if people need to download an exe file for a genuine purpose you can download it for them and place on a shared directory.
-- Oh yes, blocking MSN messenger:
MSN messenger I believe uses HTTP requests to a given set of hosts. Once you know which hosts they are, you can block them by host name and/or IP.
July 12th, 2003, 01:52 PM
Winproxy by Ositis... bleh... it has a lot of good features and works fine but it was damm unstable. This proxy crashed within 36 hours, again and again. I changed to a *nix solution and that one still runs. We are not speaking of hours now but of months. The Ositis used a more powerfull box than the *nix. It seemed to crash due to internet worms trying to reproduce, I thought this thing was there to prevent those things? It stopped the viruses but it crashed whenever there was one on the network??? so *nix ! and it still rules. However possibly on a better server and with Win2000 Ositis proxy will run smooth and do the job.
July 12th, 2003, 03:38 PM
Just a minor contribution, but I find that ZoneAlarm 3.7.193 is pretty damn good for a product that is free. There was some news a bit back about it having a major flaw. This seems to be not entirely true and can be cleared up by going to here. Check out tonybradley's post at the bottom of the page.
I don't know much about security - yet, but hope to learn more.
I reckon ZoneAlarm is definately an option although a question from me, from this is would be:
Do you need something 'bigger' than the free version of ZoneAlarm if you are administering a large University network?
[gloworange]Athlon XP 2100+ 1.74GHz
512MB PC2100 DDR-SD RAM
RADEON 9600XT 256MB[/gloworange]
July 12th, 2003, 04:01 PM
I suggest try Agnitum Outpost Firewall for me this one is simply the best.You can download a fee version witch offers basic protection.
it really do have a nice interface & does the job.dont forget to keep it updated.
The Power Of Your Imagination:
July 13th, 2003, 12:43 AM
VictorKaum: appreciate your comments about 'WinProxy' (36 hours). We had it running on NT4 (sp5) for months without any problems. Only reason we downed it was to upgrade the hard drive. Ran for months after that too. Cheers
slarty (bartfast ?) MSN Messenger....tried blocking 'every' site it connected to, and the port it used (1863?). Didn't work. And Microsoft are proud that MSN will 'find its own way' to the internet by using the HTTP proxy port.
July 13th, 2003, 01:22 AM
It's free, it will do what you need it to. You can filter by ports, content, typing, protocols, whatever. heck you can even interface it with various modules floting around that actually look at content content... as in: 'what is the jpeg is of?', or 'what is the document is about?'
I think the only you'd find better would be Guantlet (which is based off of FWTK) or Sidewinder (which is based off, albeit more loosely, of LOCK likely the most secure system and the foundation of/inspiration for many of the most secure systems: SMG & AITS6), but both of these firewalls are pricey and although FWTK isn't really in the same leauge with those two, it is pretty much the closest to them.
July 13th, 2003, 02:26 AM
Here's a link with some good free software
Here's a link with with not only some free antivirus, firewalls, but also spam blockers, bot killers, email encrytions and others...... http://www.firewallguide.com/freeware.htm
The only way I've been able to kill MSN messager is by killing it with my firewall rules